This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa File: e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa (raw, json) Hash identifier: LYQMs3/4HRyofpxzf3rmH+F6+MvcJPQV9sxRayuhL28= Subject key identifier: AF:02:2B:6A:DC:12:17:91:26:32:C4:ED:F9:BF:AB:81:9F:B7:5F:25 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 59067326941E7716F0C3EEB2BA8446F2A8973345 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa Signing time: Sat 15 Nov 2025 06:30:33 +0000 ROA not before: Sat 15 Nov 2025 06:30:33 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:06:73:26:94:1e:77:16:f0:c3:ee:b2:ba:84:46:f2:a8:97:33:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:33 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=cc77230b1e985bcaf108d6eb7420637b87b89712e27ebec73b3abf9193b2e230, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:2b:9c:d7:72:06:d1:ae:79:47:9b:e0:b8:08: 2f:ed:5c:28:5e:d3:e8:71:26:b0:ae:9b:58:f0:bd: cf:fd:44:f4:60:98:08:d3:b0:fb:5b:b6:86:ee:eb: 1d:e1:13:15:a4:a5:b8:73:d3:10:f4:a8:8a:1f:2c: 70:f9:5a:46:37:08:e1:5d:4c:8e:57:6d:f9:26:58: be:1d:33:cc:ba:f9:1d:77:b6:ab:a7:fc:27:ce:06: 61:01:c9:16:70:90:69:84:69:15:67:fe:34:f0:76: f4:24:39:27:aa:df:9d:70:d6:23:03:64:86:10:cd: 19:49:ef:38:de:3a:58:a7:74:b3:ef:30:23:95:7f: ca:e6:27:72:15:08:56:85:58:b2:01:3f:6d:19:a7: c1:1e:92:49:d9:ef:3a:31:4d:00:c0:10:2a:21:d1: 3f:0c:21:5f:59:20:14:03:0b:bf:c3:15:df:5a:dc: ef:4a:18:e4:f6:e2:ff:d2:07:ab:48:2d:08:fd:e8: 72:ff:bc:e3:20:99:24:24:b4:d4:96:cc:54:69:c1: 9a:66:2b:92:37:2e:da:64:06:91:66:59:c2:14:f8: a7:a3:28:6f:4b:e0:56:66:e5:1a:de:20:73:61:ff: 74:f0:6a:85:1f:2a:8d:92:c6:53:f9:70:c3:6c:9b: b8:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:02:2B:6A:DC:12:17:91:26:32:C4:ED:F9:BF:AB:81:9F:B7:5F:25 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:c040::/48 Signature Algorithm: sha256WithRSAEncryption 42:a1:d6:9c:d4:77:44:f0:0b:b6:d4:d1:37:f8:d1:9d:31:22: 30:d4:c8:e9:0a:82:d6:66:2b:6e:65:13:6b:6a:b3:ca:75:ec: 0c:03:cc:b6:ff:d0:d5:bd:66:a7:5d:54:9d:c1:16:05:11:ba: 1a:a1:72:c5:49:04:9d:55:b2:43:fb:ef:69:40:76:08:bf:3b: bd:08:2a:d5:34:8a:c5:85:65:62:4a:98:ec:06:ad:65:e7:9b: 3d:f7:54:aa:17:d5:b6:72:eb:f6:5d:ba:46:c8:40:cd:cf:ba: 6c:8e:22:c3:3f:9b:b0:3c:d3:48:85:1b:99:95:d3:7f:71:f1: fb:a0:19:25:1e:f7:8f:89:43:f5:72:f0:88:37:ea:46:ff:a8: 65:76:1d:82:e8:6f:6f:1b:65:b9:e1:37:90:0f:32:69:e3:c3: b6:96:d0:da:4b:06:68:1e:2a:62:81:b6:2f:f9:0f:59:e1:c7: 35:91:8f:ae:33:40:73:06:25:6c:a0:6e:5b:3c:c5:08:22:58: 7b:21:e8:81:27:df:f6:b0:3a:59:62:2d:fc:57:d6:da:10:ac: 5b:f7:bf:d9:f1:d0:4c:5e:7c:c9:78:ef:78:cc:9c:45:af:a9: 8c:86:65:91:85:46:c6:13:c7:6a:24:d3:6a:aa:2b:19:01:5a: 09:62:2f:13 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUWQZzJpQedxbww+6yuoRG8qiXM0UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwMzNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGNjNzcyMzBiMWU5ODViY2FmMTA4ZDZlYjc0MjA2MzdiODdiODk3MTJlMjdl YmVjNzNiM2FiZjkxOTNiMmUyMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI4rnNdyBtGueUeb4LgIL+1cKF7T6HEmsK6bWPC9z/1E9GCYCNOw+1u2hu7r HeETFaSluHPTEPSoih8scPlaRjcI4V1Mjldt+SZYvh0zzLr5HXe2q6f8J84GYQHJ FnCQaYRpFWf+NPB29CQ5J6rfnXDWIwNkhhDNGUnvON46WKd0s+8wI5V/yuYnchUI VoVYsgE/bRmnwR6SSdnvOjFNAMAQKiHRPwwhX1kgFAMLv8MV31rc70oY5Pbi/9IH q0gtCP3ocv+84yCZJCS01JbMVGnBmmYrkjcu2mQGkWZZwhT4p6Mob0vgVmblGt4g c2H/dPBqhR8qjZLGU/lww2ybuKUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSvAitq 3BIXkSYyxO35v6uBn7dfJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTkzMWNhYTktY2E0ZS00MjhhLWFhM2MtM2FmMzZlZmFmYzhjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA QDANBgkqhkiG9w0BAQsFAAOCAQEAQqHWnNR3RPALttTRN/jRnTEiMNTI6QqC1mYr bmUTa2qzynXsDAPMtv/Q1b1mp11UncEWBRG6GqFyxUkEnVWyQ/vvaUB2CL87vQgq 1TSKxYVlYkqY7AatZeebPfdUqhfVtnLr9l26RshAzc+6bI4iwz+bsDzTSIUbmZXT f3Hx+6AZJR73j4lD9XLwiDfqRv+oZXYdguhvbxtlueE3kA8yaePDtpbQ2ksGaB4q YoG2L/kPWeHHNZGPrjNAcwYlbKBuWzzFCCJYeyHogSff9rA6WWIt/FfW2hCsW/e/ 2fHQTF58yXjveMycRa+pjIZlkYVGxhPHaiTTaqorGQFaCWIvEw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:29 2025 by rpki-client